LWN.net's Journal
 
 [Most Recent Entries] [Calendar View]

Thursday, November 12th, 2015

    Time Event
    1:09a
    [$] LWN.net Weekly Edition for November 12, 2015
    The LWN.net Weekly Edition for November 12, 2015 is available.
    1:06p
    Firefox OS 2.5 developer preview
    Mozilla has announced
    the availability of a developer preview for version 2.5 of Firefox OS. New
    features include an add-on mechanism, tracking protection, and more. There
    is also a version of the system packaged as an Android app, allowing it to
    be tried on an Android device without wiping Android itself. "If
    you’re curious to see what Firefox OS is all about, or just interested in
    testing out new features, the Firefox OS 2.5 Developer Preview app makes it
    very simple to get started with very little risk involved. By downloading
    the app, you can experience Firefox OS and explore many of its
    capabilities, without flashing hardware. If you decide you’re done trying
    it out, the app can be removed as simply as any other app.    "
    2:43p
    Thursday's security advisories

    Arch Linux has updated flashplugin (multiple vulnerabilities) and powerdns (denial of service).

    Fedora has updated lxc (F22; F21: directory traversal).

    Mageia has updated flash-player-plugin (multiple vulnerabilities).

    openSUSE has updated git (13.2, 13.1: code execution), java-1_7_0-openjdk (42.1: multiple vulnerabilities), and xen (13.1; 42.1: multiple vulnerabilities, one from 2014).

    10:38p
    Did the FBI Pay a University to Attack Tor Users? (Tor blog)
    The Tor blog is carrying a post from interim executive director Roger Dingledine that accuses Carnegie Mellon University (CMU) of accepting $1 million from the FBI to de-anonymize Tor users.
    "There is no indication yet that they had a warrant or any institutional oversight by Carnegie Mellon's Institutional Review Board. We think it's unlikely they could have gotten a valid warrant for CMU's attack as conducted, since it was not narrowly tailored to target criminals or criminal activity, but instead appears to have indiscriminately targeted many users at once.

    Such action is a violation of our trust and basic guidelines for ethical research. We strongly support independent research on our software and network, but this attack crosses the crucial line between research and endangering innocent users.    " Cryptographer Matthew Green has also weighed in (among others, including Forbes and Ars Technica): "If CMU really did conduct Tor de-anonymization research for the benefit of the FBI, the people they identified were allegedly not doing the nicest things. It's hard to feel particularly sympathetic.

    Except for one small detail: there's no reason to believe that the defendants were the only people affected.    "

    << Previous Day 2015/11/12
    [Calendar]     		Next Day >>

LWN.net   About LJ.Rossia.org